Who created/updated/delete a thing?

lisa · May 15, 2020, 2:06pm

We currently do not have a customer facing audit log. However, you can reach out to Support to find out who created/updated/deleted a thing in PagerDuty, as long as it happened within the last 90 days.

simonfiddaman · May 15, 2020, 2:06pm

Will you be opening up audit logging to customers?

Our Compliance Officer is super keen to have this information, and it would be nice for Team Members to be able to validate actions taken on their Schedules, Escalation Policies and Services.

Cheers,
Simon

Sidd · May 15, 2020, 2:06pm

Thanks for bringing this up!
Adding audit log capabilities is something that is on the product roadmap. Could you share more details on your use cases here ?

simonfiddaman · May 15, 2020, 2:06pm

You know Compliance Officers - they always want to know who changed what, and when.

Let’s assume you’re an on-call member. You were woken up last night for an alert, but you’re not really sure why - you thought you were supposed to be off-call. In the morning you check the Incident and yeah, maybe something changed overnight, but it all looks clean now. What happened? What state was it in last night when you got the escalation? Who changed it and when did they change it? What did they change? This could/should be implemented within the object scope, as you’re asking a context question.

Now let’s assume you’re the Compliance Office and you have to prepare a report to the auditors on how your alerting configuration is managed, who can make changes and who has made changes, and to what have they made changes? This should be a separate audit / change log that is exportable (preferably to PDF, as a fixed line report).

jzimmermanTRIMET · May 15, 2020, 2:06pm

Also looking for this feature. Similar use case. The “user story” I emailed to support is basically:

As an “Account Owner” or “Global Admin” I want to access to an audit log of all configuration changes to objects indicating what was changed, when it was changed, and by which user.

This will provide clarity to team members participating in management of pagerduty objects, provide something usable for compliance officers as noted above, and allow us to delegate management of the system more freely because we can now “trust and verify”.

Additionally I relayed through support a need for a “Custom Roles” which will help in a similar way. Will search for that elsewhere in the forum, but the user story for that is basically…

As an “Account Owner” or “Global Admin”, I want to create “Custom Roles” based on a “Flexible Role” and additional permissions so I can assign multiple users a “Custom Role” without having to maintain identical permissions configurations for each individual user.

EDIT: I believe I missed some additional purposes of “Teams” which may solve at least some of my use case for “Custom Roles”.

monica · May 15, 2020, 2:06pm

Hi John,

We have an existing ticket open for you regarding this. We’ll reply back on that ticket. Thanks!

netmask · May 15, 2020, 2:06pm

Would anybody be able to update the current status of this request? I’m very interested in it.

BrianMurphy · May 15, 2020, 2:06pm

Please update on this ticket. We definitely want this feature.

smttysmth02gt · May 15, 2020, 2:06pm

I’d like to also chime in saying that we’d like more visibility into this as well. Perhaps something only accessible to global admins would be the ticket.

RobertOverell · May 15, 2020, 2:06pm

Yep, this a requirement for any enterprise grade product. Please consider raising the priority on this.

sankalp · May 15, 2020, 2:06pm

+1 for this feature! It’s really useful to know who did what, so that you can get a conversation started with the right person instead of spamming every member of your account.

FredericDelhalle · May 15, 2020, 2:06pm

+1 , I really need audit trail

pboulangernadeau · May 15, 2020, 2:06pm

+1 needed once more

si · July 31, 2020, 3:40am

+1, because it would be tremendously useful.

Inactive-Member-99077006 · July 31, 2020, 7:21am

Hi,

This has been logged as a feature request with the Product Team to consider.

Regards,

john.c · September 2, 2020, 2:01pm

Hi, this feature is currently in Early Access and published in the public api here: https://developer.pagerduty.com/api-reference/reference/REST/openapiv3.json/paths/~1audit~1records/get

framirez · March 4, 2021, 11:04pm

There is now an audit function in the GUI but it was implemented in the most useless way .

To be able to use it you first have to know who caused an issue to look at what they did which defeats the purpose of an audit log.

See this scenario:

Someone changed a rule and it broke the functionality. I as an admin, don’t already know who did it or when actually caused the breakage; I just need to know who and when.

As it is today, I’d have to go through each of the over 200 users and look at their individual audit logs to find my answer … useless waste of time.

Any other tool that I’ve ever worked with that had an audit log, had it in it’s own dashboard correlated by time; not hidden under a user account, forcing you to already know who did something to see their audit.

You don’t need to re-invent the wheel or create snowflakes for everything you do PD. Think “How can I make this easy for my customers?”